公开(公告)号：GB2514881A

公开(公告)日：2014-12-10

申请号：GB201404223

申请日：2014-03-11

Applicant: INTEL CORP

Inventor： PATEL BAIJU V ,  CROSSLAND JAMES B ,  KHARE ATUL A ,  OPFERMAN TOBY

IPC: G06F9/30 ,  G06F9/34 ,  G06F9/54 ,  G06F21/12

Abstract: Robust system call RBSTCALL and return RBSTRET instructions are executed by processors including execution circuitry and registers storing pointers to data structures in memory. The registers comprise segment registers, e.g. GS. For RBSTCALL the execution circuitry receives system call instructions from requesters which transfer control from a privilege level of the requester, e.g. ring 3 (user mode) or ring 0, to a privilege level of an operating system kernel, e.g. ring 0 (step 611). In response, the execution circuitry swaps the data structures that are pointed to by the registers between the requester and the operating system kernel in one atomic transition (step 612). Use of a SWAPGS instruction following a SYSCALL/SYSRET instruction is no longer needed. Privilege escalation attacks are avoided because using one single atomic instruction instead of a sequence prevents occurrence of faults in the middle. Faster RBSTCALL/RBSTRET assumes target ring is zero and removes segment validations.

公开(公告)号：GB2514881B

公开(公告)日：2015-09-30

申请号：GB201404223

申请日：2014-03-11

Applicant: INTEL CORP

Inventor： PATEL BAIJU V ,  CROSSLAND JAMES B ,  KHARE ATUL A ,  OPFERMAN TOBY

IPC: G06F9/30 ,  G06F9/34 ,  G06F9/54 ,  G06F21/12

Abstract: Robust system call and system return instructions are executed by a processor to transfer control between a requester and an operating system kernel. The processor includes execution circuitry and registers that store pointers to data structures in memory. The execution circuitry receives a system call instruction from a requester to transfer control from a first privilege level of the requester to a second privilege level of an operating system kernel. In response, the execution circuitry swaps the data structures that are pointed to by the registers between the requester and the operating system kernel in one atomic transition.

公开(公告)号：DE102014003854A1

公开(公告)日：2014-09-18

申请号：DE102014003854

申请日：2014-03-17

Applicant: INTEL CORP

Inventor： PATEL BAIJU V ,  OPFERMAN TOBY ,  KHARE ATUL A ,  CROSSLAND JAMES B

IPC: G06F9/318

Abstract: Robuste Systemaufruf- und Systemrückstellungsbefehle werden von einem Prozessor ausgeführt, um eine Steuerung zwischen einer anfragenden Stelle und einem Betriebssystem-Kernel zu übertragen. Der Prozessor enthält einen Ausführungsschaltkreis und Register, die Zeiger zu Datenstrukturen im Speicher speichern. Der Ausführungsschaltkreis empfängt einen Systemaufrufbefehl von einer anfragenden Stelle, um die Steuerung von einer ersten Privilegstufe der anfragenden Stelle zur einer zweiten Privilegstufe eines Betriebssystem-Kernels zu übertragen. Als Reaktion wechsel der Ausführungsschaltkreis die Datenstrukturen, auf die die Register verweisen, zwischen der anfragenden Stelle und dem Betriebssystem-Kernel in einem ungeteilten Übergang.

公开(公告)号：EP3005127A4

公开(公告)日：2017-01-25

申请号：EP14808307

申请日：2014-05-30

Applicant: INTEL CORP

Inventor： PATEL BAIJU V ,  LI XIAONING ,  ANVIN H P ,  MALLICK ASIT K ,  NEIGER GILBERT ,  CROSSLAND JAMES B ,  OPFERMAN TOBY ,  KHARE ATUL A ,  BRANDT JASON W ,  COKE JAMES S ,  VAJDA BRIAN L

IPC: G06F12/14 ,  G06F9/30 ,  G06F9/45 ,  G06F12/02 ,  G06F21/52

CPC classification number: G06F12/145 ,  G06F8/434 ,  G06F9/30105 ,  G06F9/30134 ,  G06F21/52

Abstract: An example processing system may comprise: a lower stack bound register configured to store a first memory address, the first memory address identifying a lower bound of a memory addressable via a stack segment; an upper stack bound register configured to store a second memory address, the second memory address identifying an upper bound of the memory addressable via the stack segment; and a stack bounds checking logic configured to detect unauthorized stack pivoting, by comparing a memory address being accessed via the stack segment with at least one of the first memory address and the second memory address.

Abstract translation: 示例性处理系统可以包括：下层堆栈绑定寄存器，被配置为存储第一存储器地址，第一存储器地址标识经由堆栈段可寻址的存储器的下限; 上堆栈绑定寄存器，被配置为存储第二存储器地址，所述第二存储器地址通过所述堆栈段识别所述存储器可寻址的上限; 以及堆栈边界检查逻辑，其被配置为通过将经由所述堆栈段访问的存储器地址与所述第一存储器地址和所述第二存储器地址中的至少一个进行比较来检测未授权堆栈的转动。